urlscan.io logo urlscan.io
SecurityTrails logo

engage.advancingamericanfreedom.com Open in urlscan Pro
164.90.208.223  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://us4.co/71wv1x
Effective URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271...
Submission: On October 29 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 22 HTTP transactions. The main IP is 164.90.208.223, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is engage.advancingamericanfreedom.com.
TLS certificate: Issued by E6 on October 18th 2024. Valid for: 3 months.
This is the only time engage.advancingamericanfreedom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.248.192.114 16509 (AMAZON-02)
3 164.90.208.223 14061 (DIGITALOC...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
8 2a02:6ea0:c45... 60068 (CDN77 _)
2 31.13.80.12 32934 (FACEBOOK)
1 165.227.246.253 14061 (DIGITALOC...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f10... 32934 (FACEBOOK)
22 9
1    13.248.192.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: a88370b69dc0c4e51.awsglobalaccelerator.com
us4.co
3    164.90.208.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
engage.advancingamericanfreedom.com
1    2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)
scripts.swipepages.com
advancingamericanfreedomcom.swipepages.media
assets.swipepages.com
2    31.13.80.12 (Toronto, Canada)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-yyz1.fbcdn.net
connect.facebook.net
1    165.227.246.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
app.swipepages.com
2    2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f10e:83:face:b00c:0:25de (Toronto, Canada)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
8 swipepages.com
scripts.swipepages.com — Cisco Umbrella Rank: 335783
assets.swipepages.com — Cisco Umbrella Rank: 676434
app.swipepages.com — Cisco Umbrella Rank: 353176
231 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
322 KB
3 advancingamericanfreedom.com
engage.advancingamericanfreedom.com
13 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
71 KB
1 swipepages.media
advancingamericanfreedomcom.swipepages.media
209 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 us4.co
us4.co
251 B
22 9
Domain Requested by
6 scripts.swipepages.com engage.advancingamericanfreedom.com
scripts.swipepages.com
3 www.googletagmanager.com engage.advancingamericanfreedom.com
www.googletagmanager.com
3 engage.advancingamericanfreedom.com engage.advancingamericanfreedom.com
2 www.facebook.com engage.advancingamericanfreedom.com
2 www.google-analytics.com www.googletagmanager.com
2 connect.facebook.net engage.advancingamericanfreedom.com
connect.facebook.net
1 app.swipepages.com scripts.swipepages.com
1 assets.swipepages.com engage.advancingamericanfreedom.com
1 advancingamericanfreedomcom.swipepages.media engage.advancingamericanfreedom.com
1 fonts.googleapis.com engage.advancingamericanfreedom.com
1 us4.co 1 redirects
22 11

This site contains links to these domains. Also see Links.

Domain
advancingamericanfreedom.com
Subject Issuer Validity Valid
engage.advancingamericanfreedom.com
E6		 2024-10-18 -
2025-01-16		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
swipepages.com
R10		 2024-09-18 -
2024-12-17		 3 months crt.sh
*.swipepages.media
Sectigo RSA Domain Validation Secure Server CA		 2024-09-25 -
2025-10-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-07 -
2024-11-05		 3 months crt.sh
*.swipepages.com
E5		 2024-09-17 -
2024-12-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Frame ID: 9D366E4C4F566DDAD01B1F6C25084F64
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PROTECT TAX CUTS

Page URL History Show full URLs

  1. http://us4.co/71wv1x HTTP 307
    https://us4.co/71wv1x HTTP 301
    https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

22
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

11
Subdomains

9
IPs

3
Countries

851 kB
Transfer

1911 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://us4.co/71wv1x HTTP 307
    https://us4.co/71wv1x HTTP 301
    https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
engage.advancingamericanfreedom.com/protect-tax-cuts-jt/
Redirect Chain
  • http://us4.co/71wv1x
  • https://us4.co/71wv1x
  • https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
43 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.208.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
7fbc37fb171259f26fd73e99991474301d5377994ddf936ce0a9509c980829ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
cache-control
public, max-age=604800
content-encoding
gzip
content-length
11350
content-type
text/html; charset=UTF-8
date
Tue, 29 Oct 2024 18:01:50 GMT
etag
W/"ab65-1926d3581d5"
last-modified
Tue, 08 Oct 2024 17:37:56 GMT
server
Caddy
vary
Accept-Encoding
via
1.1 varnish (Varnish/6.0)
x-cache
hit HIT
x-cache-hits
80
x-powered-by
Express

Redirect headers

cache-control
no-cache, no-store
content-length
0
date
Tue, 29 Oct 2024 18:11:55 GMT
engine
Rebrandly.redirect, version 2.1
expires
-1
location
https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
strict-transport-security
max-age=15552000
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:400&display=swap
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c5433710aed5e054a330ac4311cec4d79ecead1d1e9ed0cd21ad593e36e458b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 29 Oct 2024 18:11:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 18:11:56 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 29 Oct 2024 18:11:56 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		368 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W88RQST
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70dabbc9aada9eeb454d2a532b75e4f9f48416cdb4ff42f7d752f3180dd95bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 29 Oct 2024 18:11:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 18:11:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110325
x-xss-protection
0
server
Google Tag Manager
jquery.min.js
scripts.swipepages.com/js/ 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.swipepages.com/js/jquery.min.js
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / Express
Resource Hash
5104f15eb4388a2c3e39928b2bcac1f8ee32e65b527c0ef96e27d1b8427d2e5d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

cdn-status
200
content-encoding
br
etag
W/"155e3-192b7cd4c90"
date
Tue, 29 Oct 2024 18:11:56 GMT
last-modified
Wed, 23 Oct 2024 05:15:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
10/25/2024 11:44:20
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
faabe13d-df79-4fb2-a301-f433e02040fe
cdn-requestid
e9deb0605f963d32b5ae2d51d2ca80de
cdn-pullzone
127004
cdn-proxyver
1.05
access-control-allow-origin
*
cdn-edgestorageid
885
x-powered-by
Express
server
BunnyCDN-NY1-885
cdn-requestcountrycode
CA
asyncloader.min.js
scripts.swipepages.com/js/vendor/ 		569 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.swipepages.com/js/vendor/asyncloader.min.js
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / Express
Resource Hash
e04fdc8ffe1a6d1387975fa740b7d5c50acc0fad48d890aefed648de55754348

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

cdn-status
200
content-encoding
br
etag
W/"239-192c6c45a90"
date
Tue, 29 Oct 2024 18:11:56 GMT
last-modified
Sat, 26 Oct 2024 03:00:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
10/26/2024 16:03:41
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
faabe13d-df79-4fb2-a301-f433e02040fe
cdn-requestid
1607d85ebac0d1a68817a323336f6593
cdn-pullzone
127004
cdn-proxyver
1.05
access-control-allow-origin
*
cdn-edgestorageid
885
x-powered-by
Express
server
BunnyCDN-NY1-885
cdn-requestcountrycode
CA
helpers.min.js
scripts.swipepages.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.swipepages.com/js/helpers.min.js
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / Express
Resource Hash
6d48f6957e9e2eb5ff2529ea26fdb60f17e1e78e8b6a23950eaecb3e492beddf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

cdn-status
200
content-encoding
br
etag
W/"6be-192c6c45a90"
date
Tue, 29 Oct 2024 18:11:56 GMT
last-modified
Sat, 26 Oct 2024 03:00:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
10/27/2024 15:03:06
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
faabe13d-df79-4fb2-a301-f433e02040fe
cdn-requestid
44733c4ae51a6c887227c6bb802aaf8e
cdn-pullzone
127004
cdn-proxyver
1.05
access-control-allow-origin
*
cdn-edgestorageid
885
x-powered-by
Express
server
BunnyCDN-NY1-885
cdn-requestcountrycode
CA
sp-events.js
engage.advancingamericanfreedom.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.advancingamericanfreedom.com/sp-events.js?ver=1.2
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.208.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
bff101b1481254388fcd49f4ddb4dc7aea4d634dd3a353b883f749cdd7e95acc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606

Response headers

x-powered-by
Express
cache-control
public, max-age=604800
content-encoding
gzip
etag
W/"b7a-192b6a35f08"
via
1.1 varnish (Varnish/6.0)
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
x-cache
hit HIT
content-length
1311
date
Fri, 25 Oct 2024 13:38:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 22 Oct 2024 23:50:13 GMT
server
Caddy
x-cache-hits
9116
vary
Accept-Encoding
tatsu.min.js
scripts.swipepages.com/js/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.swipepages.com/js/tatsu.min.js?ver=1.0.55
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / Express
Resource Hash
1704f3176d137ef236dfdb02ac7c328c029d9976dd0b7b04c10aa03efa358bff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

cdn-status
200
content-encoding
br
etag
W/"f8cd-192b7cd4c90"
date
Tue, 29 Oct 2024 18:11:56 GMT
last-modified
Wed, 23 Oct 2024 05:15:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
10/24/2024 19:38:52
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
faabe13d-df79-4fb2-a301-f433e02040fe
cdn-requestid
9538b53c6759c6ca1350aa4ff78963ab
cdn-pullzone
127004
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
885
x-powered-by
Express
server
BunnyCDN-NY1-885
cdn-requestcountrycode
CA
analytics.min.js
scripts.swipepages.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.swipepages.com/js/analytics.min.js?ver=1.0.8
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / Express
Resource Hash
88976c8ade38e4daa0a11d2dbc5c9a2bdf69a3bbf1a3f944cfe8f3854279a1bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

cdn-status
200
content-encoding
br
etag
W/"df7-192c6c45a90"
date
Tue, 29 Oct 2024 18:11:56 GMT
last-modified
Sat, 26 Oct 2024 03:00:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
10/27/2024 15:03:06
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
faabe13d-df79-4fb2-a301-f433e02040fe
cdn-requestid
d0770c89c03c5d145bc846d88924124b
cdn-pullzone
127004
cdn-proxyver
1.05
access-control-allow-origin
*
cdn-edgestorageid
885
x-powered-by
Express
server
BunnyCDN-NY1-885
cdn-requestcountrycode
CA
aaf_social_preservingtaxcuts_1920x1080_v2-1500.webp
advancingamericanfreedomcom.swipepages.media/2024/8/64ee2a16256d25001050b58e/ 		208 KB
209 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://advancingamericanfreedomcom.swipepages.media/2024/8/64ee2a16256d25001050b58e/aaf_social_preservingtaxcuts_1920x1080_v2-1500.webp
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
0573240b3cdcea62a165e8c5d46248333027ce4fe182fe6e96d05b130850483a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"a5d64a9f285e64b061156457f04fa525"
date
Tue, 29 Oct 2024 18:11:56 GMT
x-rgw-object-type
Normal
content-type
image/webp
cdn-cachedat
10/29/2024 09:25:23
last-modified
Fri, 16 Aug 2024 17:00:35 GMT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
2
cdn-cache
HIT
cdn-uid
faabe13d-df79-4fb2-a301-f433e02040fe
cdn-requestid
becefc915fdc9f4e34f3e6adced52e96
cdn-pullzone
1580070
cdn-proxyver
1.06
x-amz-request-id
tx0000008891d9ea1caf5b8-006720aa03-716d5e64-ams3c
accept-ranges
bytes
access-control-allow-origin
*
content-length
212754
cdn-edgestorageid
885
server
BunnyCDN-NY1-885
cdn-requestcountrycode
CA
Inter-Regular.woff
assets.swipepages.com/fonts/inter/regular/ 		168 KB
169 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.swipepages.com/fonts/inter/regular/Inter-Regular.woff
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
7a58ed1a141c551d58dc4ffcfe1c1a0486c8aa1a137507f410981f246443ee3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://engage.advancingamericanfreedom.com
Referer
https://engage.advancingamericanfreedom.com/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag
"9731acee02294242030abe12cbee5ca0"
x-amz-meta-mtime
1585676776
date
Tue, 29 Oct 2024 18:11:56 GMT
x-rgw-object-type
Normal
content-type
application/font-woff
last-modified
Tue, 29 Dec 2020 09:18:26 GMT
cdn-cachedat
10/25/2024 09:29:24
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
faabe13d-df79-4fb2-a301-f433e02040fe
cdn-requestid
9ec32c225c89b490f7d7c7a18a23864e
cdn-pullzone
127003
cdn-proxyver
1.05
x-amz-request-id
tx00000a3cd032e41e62a80-00671b64f4-45f2556a-ams3b
accept-ranges
bytes
access-control-allow-origin
*
content-length
171688
cdn-edgestorageid
885
server
BunnyCDN-NY1-885
cdn-requestcountrycode
CA
js
www.googletagmanager.com/gtag/ 		321 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5DW06HHBQW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W88RQST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
33029d2066382396bf99eaffbcf71ca0baee5ebcef5ad0a59aa72a1a1a35bba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 18:11:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 18:11:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108919
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		321 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EYYQT4K40J&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W88RQST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0579e4634cf7dc0daf37e52b7c0fd0eadfbe85a87f1ae3a62e2ee9510c44e97d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 29 Oct 2024 18:11:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 18:11:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108966
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		229 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-RAnfAlNv' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 18:11:56 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-RAnfAlNv' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4419, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
mhVH8AlmZaGaZ0mukzl43OrplXBULTvrBNjPqe8nKtKOAZRm1q82Cnzw1hTpBOa00ZaNSvnFC+1kOCCUzDDlWw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59722
x-xss-protection
0
origin-agent-cluster
?1
jquery-ui.min.js
scripts.swipepages.com/js/vendor/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.swipepages.com/js/vendor/jquery-ui.min.js
Requested by
Host: scripts.swipepages.com
URL: https://scripts.swipepages.com/js/vendor/asyncloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / Express
Resource Hash
87a5d059866978ec7b34e6e92fe8e8bcc8359fada01169e519ad778536ded772

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

cdn-status
200
content-encoding
br
etag
W/"705c-192b7cd4c90"
date
Tue, 29 Oct 2024 18:11:56 GMT
last-modified
Wed, 23 Oct 2024 05:15:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
10/23/2024 07:15:46
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
faabe13d-df79-4fb2-a301-f433e02040fe
cdn-requestid
b6ec5af998beb64b6b780a59690c8311
cdn-pullzone
127004
cdn-proxyver
1.04
access-control-allow-origin
*
cdn-edgestorageid
885
x-powered-by
Express
server
BunnyCDN-NY1-885
cdn-requestcountrycode
CA
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
analytics
app.swipepages.com/api/ 		36 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.swipepages.com/api/analytics
Requested by
Host: scripts.swipepages.com
URL: https://scripts.swipepages.com/js/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
165.227.246.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
595fe4588ff50d1d365a899152450103f0c8325d3a6e08655de7fd7071d6f7e4

Request headers

Referer
https://engage.advancingamericanfreedom.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Content-Type
text/plain

Response headers

access-control-allow-origin
*
content-length
36
etag
W/"24-CZIFBK3PSSiI1cvhbSYSKy/g3WE"
date
Tue, 29 Oct 2024 18:11:57 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/webp
250298797456517
connect.facebook.net/signals/config/ 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/250298797456517?v=2.9.174&r=stable&domain=engage.advancingamericanfreedom.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.80.12 Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-yyz1.fbcdn.net
Software
/
Resource Hash
351867ca2521a39c21b97090c2d53bc5bc9ec79e490f8f6375866081f6bd0032
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-n8zY7Lvf' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 18:11:57 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-n8zY7Lvf' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=74, mss=1232, tbw=67883, tp=65, tpl=0, uplat=154, ullat=0
pragma
public
x-fb-debug
oq50f+kBgjQO10UudhiP+zueEAa/BqDzb9MIYMrXYPbGtL5qL6Owd7lCCK1L5dtzaR56sTCdcHHOXP06oFejvw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-5DW06HHBQW&gtm=45je4as0v9123618103z89103022758za200zb9103022758&_p=1730225516494&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101925629&cid=475234235.1730225517&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730225516&sct=1&seg=0&dl=https%3A%2F%2Fengage.advancingamericanfreedom.com%2Fprotect-tax-cuts-jt%2F%3Futm_campaign%3D20241029_GOTV.101271_t1572888-2606%26ex_tid%3D20241029_GOTV.101271_t1572888-2606&dt=PROTECT%20TAX%20CUTS&en=page_view&_fv=1&_nsi=1&_ss=1&ep.keyword=Taxes&tfd=1250
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5DW06HHBQW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://engage.advancingamericanfreedom.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 18:11:57 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-EYYQT4K40J&gtm=45je4as0v9168971831z89103022758za200zb9103022758&_p=1730225516494&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533421~101823848~101925629&cid=475234235.1730225517&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730225516&sct=1&seg=0&dl=https%3A%2F%2Fengage.advancingamericanfreedom.com%2Fprotect-tax-cuts-jt%2F%3Futm_campaign%3D20241029_GOTV.101271_t1572888-2606%26ex_tid%3D20241029_GOTV.101271_t1572888-2606&dt=PROTECT%20TAX%20CUTS&en=page_view&_fv=1&_ss=1&ep.keyword=Taxes&tfd=1288
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EYYQT4K40J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://engage.advancingamericanfreedom.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 18:11:57 GMT
content-type
text/plain
server
Golfe2
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=250298797456517&ev=PageView&dl=https%3A%2F%2Fengage.advancingamericanfreedom.com%2Fprotect-tax-cuts-jt%2F%3Futm_campaign%3D20241029_GOTV.101271_t1572888-2606%26ex_tid%3D20241029_GOTV.101271_t1572888-2606&rl=&if=false&ts=1730225517043&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=4126&fbp=fb.1.1730225517039.742806203230346485&ler=empty&cdl=API_unavailable&it=1730225516836&coo=false&rqm=GET
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2910, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 29 Oct 2024 18:11:57 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=250298797456517&ev=PageView&dl=https%3A%2F%2Fengage.advancingamericanfreedom.com%2Fprotect-tax-cuts-jt%2F%3Futm_campaign%3D20241029_GOTV.101271_t1572888-2606%26ex_tid%3D20241029_GOTV.101271_t1572888-2606&rl=&if=false&ts=1730225517043&sw=1600&sh=1200&v=2.9.174&r=stable&ec=0&o=4126&fbp=fb.1.1730225517039.742806203230346485&ler=empty&cdl=API_unavailable&it=1730225516836&coo=false&rqm=FGET
Requested by
Host: engage.advancingamericanfreedom.com
URL: https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7431262012116497955"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 29 Oct 2024 18:11:57 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Tln2VsHjYrY8tzclPihYPMBxa1WYZnBfELjgbrBw2WHYz8M1wgj0FoB6KIli8Rzg/WlKBRjqdFuouLcwqCU8MQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7431262012116497955", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=3228, tp=-1, tpl=-1, uplat=159, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
favicon.ico
engage.advancingamericanfreedom.com/ 		0
43 B 		Other
General
Check archive.org
Download Go to
Full URL
https://engage.advancingamericanfreedom.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.208.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://engage.advancingamericanfreedom.com/protect-tax-cuts-jt/?utm_campaign=20241029_GOTV.101271_t1572888-2606&ex_tid=20241029_GOTV.101271_t1572888-2606

Response headers

via
1.1 varnish (Varnish/6.0)
alt-svc
h3=":443"; ma=2592000
x-cache
hit HIT
date
Tue, 29 Oct 2024 18:11:19 GMT
x-powered-by
Express
server
Caddy
x-cache-hits
3

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| _typeof function| $ function| jQuery object| asyncloader object| BeLazyLoad object| tatsuFrontendConfig object| spAnalyticsConfig object| spAnalytics function| ownKeys function| _objectSpread function| _defineProperty function| _toPropertyKey function| _toPrimitive function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| isWebpSupported function| tatsuFormsValidate function| onRecaptchaInit function| onRecaptchaSuccess function| loadLottie function| showRedirectionErrorLoader function| showRedirectionLoader function| hideRedirectionLoader function| customSelectHandleDropDown function| customSelectFilterFunction function| defaultCountryFlagAsTimeZone function| lazyloadImage function| customSelectInputWidth function| getUTMParams object| tatsu function| spGetEventProps string| webpSupport function| onYouTubeIframeAPIReady object| gaGlobal

6 Cookies

Domain/Path Name / Value
engage.advancingamericanfreedom.com/ Name: swipepages_user
Value: 70l7udd0w1km2urll2y
engage.advancingamericanfreedom.com/ Name: 67056dcca5d3c70012171e99
Value: 67056dcca5d3c70012171e9e
.advancingamericanfreedom.com/ Name: _ga_5DW06HHBQW
Value: GS1.1.1730225516.1.0.1730225516.0.0.0
.advancingamericanfreedom.com/ Name: _ga
Value: GA1.1.475234235.1730225517
.advancingamericanfreedom.com/ Name: _ga_EYYQT4K40J
Value: GS1.1.1730225516.1.0.1730225516.0.0.0
.advancingamericanfreedom.com/ Name: _fbp
Value: fb.1.1730225517039.742806203230346485

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

advancingamericanfreedomcom.swipepages.media
app.swipepages.com
assets.swipepages.com
connect.facebook.net
engage.advancingamericanfreedom.com
fonts.googleapis.com
scripts.swipepages.com
us4.co
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.248.192.114
164.90.208.223
165.227.246.253
2607:f8b0:4004:c08::5f
2607:f8b0:4006:80f::200e
2607:f8b0:4006:823::2008
2a02:6ea0:c454::1
2a03:2880:f10e:83:face:b00c:0:25de
31.13.80.12
0573240b3cdcea62a165e8c5d46248333027ce4fe182fe6e96d05b130850483a
0579e4634cf7dc0daf37e52b7c0fd0eadfbe85a87f1ae3a62e2ee9510c44e97d
0c5433710aed5e054a330ac4311cec4d79ecead1d1e9ed0cd21ad593e36e458b
1704f3176d137ef236dfdb02ac7c328c029d9976dd0b7b04c10aa03efa358bff
33029d2066382396bf99eaffbcf71ca0baee5ebcef5ad0a59aa72a1a1a35bba7
351867ca2521a39c21b97090c2d53bc5bc9ec79e490f8f6375866081f6bd0032
5104f15eb4388a2c3e39928b2bcac1f8ee32e65b527c0ef96e27d1b8427d2e5d
595fe4588ff50d1d365a899152450103f0c8325d3a6e08655de7fd7071d6f7e4
668c6828672fa8600b7a0632cb328ee63a31361be6734987b04985fcd9d08d4f
6d48f6957e9e2eb5ff2529ea26fdb60f17e1e78e8b6a23950eaecb3e492beddf
70dabbc9aada9eeb454d2a532b75e4f9f48416cdb4ff42f7d752f3180dd95bdd
7a58ed1a141c551d58dc4ffcfe1c1a0486c8aa1a137507f410981f246443ee3b
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7fbc37fb171259f26fd73e99991474301d5377994ddf936ce0a9509c980829ac
87a5d059866978ec7b34e6e92fe8e8bcc8359fada01169e519ad778536ded772
88976c8ade38e4daa0a11d2dbc5c9a2bdf69a3bbf1a3f944cfe8f3854279a1bb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bff101b1481254388fcd49f4ddb4dc7aea4d634dd3a353b883f749cdd7e95acc
e04fdc8ffe1a6d1387975fa740b7d5c50acc0fad48d890aefed648de55754348
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855